Burp Suite is an HTTP intercepting proxy used globally to test the security of web applications. It works by intercepting communication between your server and the target application that you wish to test, and it is packed full of nifty features such as Spider, Scanner, and Repeater. There are too many great Burp features to cover in one session, so today I am just going to show you my five favorites, which I use in every penetration test.

We’re going to talk about Rubber Ducky. It’s a very neat piece of hardware. It looks like a USB drive but has nothing in common with one except USB connectivity, of course. Rubber Ducky is nothing more than a keyboard-emulating device. It’s recognized by the computer as a regular keyboard, and it’s capable of sending over 1,000 words per minute. Imagine how much text you could put into a document typing at that speed on your computer!